Security and Compliance Engineer
06 Jul, 2022
About Middesk Middesk enables every business to access the products and services they need to grow and thrive. If we can make it easy for a business to access financial products, hire new employees, and transact with other businesses, then we increase the odds of success for that business. Our products provide accurate and complete information for financial services companies and make it easy for employers to establish their business with state and federal entities. Our customers include Shopify, Affirm, Brex, Plaid, Mercury, Divvy, Rippling, Gusto, and others. Based in San Francisco, CA, Middesk is backed by Sequoia Capital, Accel Partners, and Y Combinator.
- The role is vast. As our first Security Engineer, you'll help us not only take care of tactical needs, but also establish our security strategy and roadmap. Here's a quick enumeration of how we see things:
- Help Engineering determine strategies to continue to secure our software. This includes authentication, authorization, sensitive data storage, API design, and more
- Promote security-related best practices across Engineering.
- Ensure the security of our cloud-based infrastructure, including auditing and controlling access controls for our systems.
- Have a hand in impactful Engineering problems across Middesk.
- Handle security inquiries (questionnaires) from prospective customers and partners.
- Run point on security compliance verification including SOC2 and ISO 27001 audits and penetration testing.
- Have opinions about security frameworks we should implement to maintain compliance (e.g. NIST, FIPS).
- While we're hiring a single Security Engineer now, you'll be supported by our Foundation Engineering team that is already highly capable in these areas. And we'd like your help to shape the Security Engineering team as we expand it beyond one individual over the next few quarters.
Why we need you
- Security is at the heart of what we do. Our customers trust us with their public and proprietary data. Our ability to responsibly use that data to derive insight is what makes our products great. Engineering is fluent in software security and has done a heck of a job developing a secure system. As we continue to grow, we could just decide to keep doing it this way -- ask Engineering to maintain its security fluency.
- And that's precisely what we'll do; Engineering will maintain security fluency.
- But, it's time to bring in a specialist. We're looking for someone to spend 100% of their time thinking about the security of our systems. We're looking for our first Security Engineer.
Why you'll love it here
- Customer First: We stay energized by solving real customer problems and make each interaction meaningful and embrace the challenging path to help our customers succeed.
- Be and owner: We identify and tackle problems, take pride in our work, and measure impact. When we find an opportunity to improve the status quo, take it on!
- Act with urgency and purpose: We move quickly and simplify things as we go. We solve the problems that we have today in ways that allow us to move even faster in the future.
- Drive results together: We choose teamwork. We share our opinions, ask questions, understand where others are coming from, and move forward as a unified front.
- Embrace the journey: We dream big and are open to taking risks. Innovation happens through optimism, positivity, rigorous thinking, and hard work.
Middesk is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. As an equal opportunity employer; we’re committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.
We are committed to providing a positive interview experience for every candidate. If any accommodations are needed during the interview process, please let us know by contacting careers @middesk.com.